540b734c0f28db97285e938c115da9c2ff0dc097dadabcb89ae55e875557d8e7

Sharing

Copy URL

Twitter E-mail

General

Target

SMEditor-Windows.zip
Size

128.5MB
Sample

240424-y5kw9sha28
MD5

5577f17292557da7eadadcda88d9889e
SHA1

6bf88cd8f1406d11e15d5af7cd90f1c0a40aee3a
SHA256

540b734c0f28db97285e938c115da9c2ff0dc097dadabcb89ae55e875557d8e7
SHA512

ed40d087ceef8df60f15056b2739d4edeae063b1266ee4bdf91e1d0ac60b1a192bc7500927987170e0e4287fc12a71e108d5542f53bf1278df87dc9d51fdcbb2
SSDEEP

3145728:dWiBWugVSl6uHG4AppIa9paxVwPY10r3pVyipVQfBR5sjE6S:dtBWTuHGRLIOpU50r9pVOBRSS

Score

7^/10

Malware Config

Targets

- Target
  
  SMEditor/SMEditor.exe
- Size
  
  2.0MB
- MD5
  
  229f350c161ad42758226aacc5d365bc
- SHA1
  
  f5c4be3ccb979d7941e5bb1c9d25605e6b5ff835
- SHA256
  
  08c7c5878ca2a3efa1a6f3e712d8c0ccb2eaecc36e69028dceb35b4b0c0e9e76
- SHA512
  
  d20a7a2fcdfbc73f6cf8feeac6a6c16cfd0db708664306b7e24a1ff88fa75e489f4f25dc84c5e7ba8545a335c823bdda5a1eac1796fc6ad48059cd069ccb87b1
- SSDEEP
  
  49152:mMR/uUCKE5X/Uh6xy7vPsSChCf17T6VQXI:jqsYXa7T6B
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Checks system information in the registry
  System information is often read in order to detect sandboxing environments.
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  SMEditor/credits.html
- Size
  
  8.7MB
- MD5
  
  a89a9160a086d9107f68bd94d867459b
- SHA1
  
  60559bd1d605f5618a2678f77f49e77b82fea530
- SHA256
  
  d6444df5c17e30a64281243da629f07e44ca84b41ec2dd5b153199f6302b29a7
- SHA512
  
  94e8b98bf8291803a712cc4c7ba39d548f90f2914842a5ecc60721c77f3208e434dc8a9d651ed5a3ede185b53830664f8d91bde58f2811129e9eb8e5173190fb
- SSDEEP
  
  24576:sZS6wm635kOWSo8R8dwVemfl6S686n6x600HTw7p9V:syff5
Score

1^/10
behavioral3 behavioral4
- Target
  
  SMEditor/d3dcompiler_47.dll
- Size
  
  4.7MB
- MD5
  
  2191e768cc2e19009dad20dc999135a3
- SHA1
  
  f49a46ba0e954e657aaed1c9019a53d194272b6a
- SHA256
  
  7353f25dc5cf84d09894e3e0461cef0e56799adbc617fce37620ca67240b547d
- SHA512
  
  5adcb00162f284c16ec78016d301fc11559dd0a781ffbeff822db22efbed168b11d7e5586ea82388e9503b0c7d3740cf2a08e243877f5319202491c8a641c970
- SSDEEP
  
  49152:KCZnRO4XyM53Rkq4ypQqdoRpmruVNYvkaRwvhiD0N+YEzI4og/RfzHLeHTRhFRNc:xG2QCwmHPnog/pzHAo/A6l
Score

1^/10
behavioral5
- Target
  
  SMEditor/ffmpeg.dll
- Size
  
  2.0MB
- MD5
  
  05a1f9113feeb06ebdb0af5c94c37879
- SHA1
  
  0647a8ff8852f9735bf3f3b2009fd46fb235f5ae
- SHA256
  
  a49240f9b626d8ef02713efc9624408f1fa0399775b68fb3f2ef1db69fb8ab78
- SHA512
  
  b9f6a319378345720f55a1620114312558be2da0f53c008f0bf984cfdc094eb810470a31248852df0b0ab07cce7ce083efae1bcd5e015dbc4248df86137b3b2b
- SSDEEP
  
  24576:AWAYwK157qsw8g5DitUKT6mPgPswvD9Q++AViqp6JoIpBHHM9wkk:3Ay15Wiuitp6mPs9T+AVizJochHMM
Score

1^/10
behavioral6 behavioral7
- Target
  
  SMEditor/libEGL.dll
- Size
  
  444KB
- MD5
  
  faa27bf7062f3d7514386a5fa4acb81e
- SHA1
  
  6ce3a638d81b1fc824b2d21c4725b08c72428e73
- SHA256
  
  1388fb48fa0fb258bb1aaa5597aa2b867144dceb099dab3b43101787bb483c2f
- SHA512
  
  804b7a9a6e0ec4f927cf4ae891f1b78742c5e4e0f463b286ad22c0c37fd7d980cd7eda3d159a657e5bfca9344074399560aec87d7cd580bd29ce864d0ddee38c
- SSDEEP
  
  6144:vE4vggB77XnAFJOiVghQNu0Q/2fNClzCdrJEQa+1:c4ogxnAFJOkghQNrClGrJED
Score

1^/10
behavioral8 behavioral9
- Target
  
  SMEditor/libGLESv2.dll
- Size
  
  6.6MB
- MD5
  
  b8f6d5da6f220f8d39d2c0413bf50c7b
- SHA1
  
  18ed7a44ddab24e81b78142b3b676c8e02f33055
- SHA256
  
  51e4108e0c3607bb52dd64f3109559a40dcedfc8bde4baff84ea5f214e97856a
- SHA512
  
  9459088b776d32101734ff46d49604e12976b18bed832005873aec360aef2a9b03f27b79114eed769d32733b48617480d4f289a8eb73657bcf752755cd0fbe33
- SSDEEP
  
  49152:FfoLgaKqO6rk/8KR41Xft+AlHH4Jv3l+7gFOsTvZTGT4ltgh/sKDEtVFFTK2/get:6BXFTlnKkuQ4WAiwwHurw3XF
Score

1^/10
behavioral10 behavioral11
- Target
  
  SMEditor/node.dll
- Size
  
  17.4MB
- MD5
  
  d75452669e917d4eb4701f8aaffcc99f
- SHA1
  
  2fc81479ca44f3d28b58e231c3798e06aa06af23
- SHA256
  
  b77f8a9ffcb43ff98a7e8f44adcb80d20d074fe2552f6df753edd711698b21f9
- SHA512
  
  4c3737f697da8a0d80255af1a515f2e5fa6be27643fa7b24a51577f3d42cd9b636527b69e2c1947c0dc6d62504b6ec38be0df5ad1048584bb628e66443c4209f
- SSDEEP
  
  196608:OClFgvw8eWv14jYkndNx/YDB3vOz0hGxxC:OogvwjWN4LdNWDpvOz0EfC
Score

1^/10
behavioral12 behavioral13
- Target
  
  SMEditor/notification_helper.exe
- Size
  
  1.1MB
- MD5
  
  1fa7c10b32332ee4e2287fb757a74ee7
- SHA1
  
  efb0e7c8b866df9a86d94c105ee3e9b03d353368
- SHA256
  
  21ac4ec86bfed0addb0d3793779e4147caa0580d571effaeba1fe319ba9d5562
- SHA512
  
  688cd86a2407eb6661abae1899dfa76b8abfa0552be57375822a1b9f963b3eafbba683afa2d851de0121f7288f05638c5960984aa897c0a840b68d022b9e0bf0
- SSDEEP
  
  24576:cZvElDtyT0j6lIGsVrkq8ONj6FGQi5MHY:cZvElDtygj606qrNOLi
Score

1^/10
behavioral14 behavioral15
- Target
  
  SMEditor/nw.dll
- Size
  
  199.1MB
- MD5
  
  e364cda0087825f70ef0332e2be65379
- SHA1
  
  ba9fc41cddccb576f022d34c003e86736ef5bf62
- SHA256
  
  f924feb13c23a57529054107d2412f16edf8a31dac7e8aa6e36eaf86c6a47a7d
- SHA512
  
  c471264cdcfbb0ab7be89da58498c2ba86184917b623c262581212654b0d6549663212a148a5a92fe1342201fd4e9b77cd0478abe013fa817a0bdc7a9eef4280
- SSDEEP
  
  1572864:UtAt+kI758sDa3FD2Ps+hvUzVxi2c0ewtV4DZEFJpHNZZu4XgAijI2Mf3vW4Rl:ArS5VeZwMlw3zl
Score

1^/10
behavioral16 behavioral17
- Target
  
  SMEditor/nw_elf.dll
- Size
  
  1.1MB
- MD5
  
  7509d69c2896e7b903398da350b42c8a
- SHA1
  
  6bb535ea3728933a6aa9162950cfc44328e4d347
- SHA256
  
  bbaf4e0d60d4362e23671301e9aba75252b1059cd6e1dcf6ad0accec5e115152
- SHA512
  
  438cefec05e62904a8f2f304607ea4e9ab691793f8950ea2ff12b3740b5bf172f29ec40f17921d4da8a09590bba01889d81da8315ea6585076c0b758d9e6a1be
- SSDEEP
  
  12288:KVQ+6Nq2vF73pppDh8oLG9UTlcPwaKD1CK+D3SJ3NVTRmcIMI+nk/owl+GlBfG:KVQDNqyB7zLG9qD1CrDQHNmcMzl+6l
Score

1^/10
behavioral18 behavioral19
- Target
  
  SMEditor/package.nw/index.html
- Size
  
  373B
- MD5
  
  507f273159739f405b7af77029c68545
- SHA1
  
  22c63f759b0b6dc9e74b3fba2c5e053172290d07
- SHA256
  
  7961fd930e541547480a747cc7af123e3a7630c974ef367be40b3b92348511bf
- SHA512
  
  f48c2263365ec70c5860ba3ceb830c6d012b3ce27f20c69ce85bc167e814bee49262d68104c738d5aa74d27e17b5134f1df93d4beb36a3ff3f898b536df89158
Score

1^/10
behavioral20 behavioral21
- Target
  
  SMEditor/vk_swiftshader.dll
- Size
  
  4.3MB
- MD5
  
  5a3011f59ad6aceda78a8f42ba7cfa1e
- SHA1
  
  ce61a5acaafbf7464d9a26db762f9f661e6e9aac
- SHA256
  
  39612549c82c10b8a8e8072f2faf17354d8cccd3eeba1d5fda9c50ff547ffe5d
- SHA512
  
  16e9cbba44fb14e0e27fc872de51e501dffe79cc39b3386bcec28f6db874cb84606848e5c1e67322486fe29960dbd514fbf505af8c94cccd54126ab873a33aa7
- SSDEEP
  
  49152:KU82lTQcFMkjVGWalGA0GmK3jrmz5xbQ87uhvMxqyF2k2gwUIukCN/ET8CPhmQJF:u+TJXIfw05PhLJVS0Dy
Score

1^/10
behavioral22 behavioral23
- Target
  
  SMEditor/vulkan-1.dll
- Size
  
  892KB
- MD5
  
  2db0026c9329b1faf58971cf1ac51a6c
- SHA1
  
  e7e043ad9feb2086b4ead78a661c376de596e4d3
- SHA256
  
  e471e4e0a5635d2e5f6e1e5778016d0e5e169bc61aa32e5d380ebcd2502fc103
- SHA512
  
  ad1e66450ccbf49bbaf7632bb7b9c201d2bb0e53cf2594dacfda439545bb07aa2a085d188654e8e057d3ae0c1d682d3523942d9492d3c1f2d74bce8bf378d7e6
- SSDEEP
  
  24576:VkLGO/wBlPes+ERBTmqQRw6Z5WdDYsH26g3P0zAk7JeAy0:SLGQwBlOEDTVUw6Z5WdDYsH26g3P0zAC
Score

1^/10
behavioral24 behavioral25

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Checks system information in the registry

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25